Glossary · Term

Compaction-Eviction Attack

← all terms

Definition

Plain language

An attack that tricks an AI agent into deleting its own safety rule by forcing its memory to be summarized.

As stated in the literature

A subtractive attack on long-horizon agents that induces context compaction or eviction so a standing governance rule is dropped from the working context; complementary to additive prompt injection.

Why it matters: It shows that an agent can be subverted not by adding malicious instructions but by forcing it to forget the rules it was already following, which most defenses overlook.

For example, an attacker floods an agent's conversation with filler until its memory gets summarized, and the summary quietly drops the safety rule that said 'never transfer money without approval.'

Heard on the show

“The Compaction-Eviction Attack doesn't add anything malicious.”
Episode 164 — The Summarizer That Quietly Deletes Your Agent's Safety Rules

Mentioned in 1 episode

  1. 164
    The Summarizer That Quietly Deletes Your Agent's Safety Rules

Related terms